'iv'              => 'vectory!',

[download]
Avoid using a fixed IV if at all possible. If two passwords have the same initial 8 characters, then their encrypted forms will also have the same first 8 characters. Random IVs avoid that information leak. See Practical Cryptography for more information.

Some other posters on this thread seem to think that the random IV is a "problem" because it makes the encrypted form different every time you encrypt it. This appears to be because they don't understand the difference between an encryption function (like DES or Blowfish) and a one-way hash function (like MD5 or SHA1). The former can be decrypted so you can get the original back and compare originals. The latter can't be reversed, so you must compare the mangled versions. 

    'key'             => 'stringie',

[download]
You're never going to be able to change the encryption key without breaking everything. That's bad. 
    'padding'         => 'space',

[download]
In general, space padding is a bad idea (you can't recover the exact original message if it had trailing spaces), but for passwords it might be ok. 
    my $dbpwmd5 = $cipher->encrypt_hex($dbpw);

[download]
If it's not MD5, don't call it MD5.

In reply to Re: Crypt::CBC and verifying passwords by Anonymous Monk
in thread Crypt::CBC and verifying passwords by geektron

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.